XYGATE User Authentication Reference Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series

291

292

293

294

295

296

297

298

299

300

XYGATE

User Authentication

™

Reference Manual

Appendix B: The UAACL File

XYPRO Technology Corporation 265 Proprietary and Confidential

B19: FROM_USER

This is a space-separated list of subject users; that is, the users who are trying to do

the logon operation. You can enter userids and aliases on separate lines for clarity if

you wish.

A logged-off TACL will be user 0,0.

Syntax:

FROM_USER <user list>

In the Example below, SUPER.SUPER and SECURITY.ADMIN can logon to

themselves and each other even if their userids are frozen. The FROZEN_OK keyword

is described in the next section.

Example: How to allow selected users to logon to frozen userids

UAGROUP LOGON-2-FROZEN

DESCRIPTION "255,255 and 253,1 can logon even if their IDs are frozen"

FROZEN_OK ON

PASSWORD_REQUIRED ON

OMIT_PASSWORD_USERS SUPER.SUPER

!Selection Criteria:

FROM_USER SECURITY.ADMIN SUPER.SUPER

TO_USER SECURITY.ADMIN SUPER.SUPER

B20: FROZEN_OK

The FROZEN_OK keyword allows a userid to be logged on to a frozen userid, such as

when too many failed logons have occurred and AUTHENTICATE_FAIL_FREEZE is

set.

When FROZEN_OK is set to ON, the userid can be logged on to, even when it is

frozen.

When FROZEN_OK is set to OFF, the userid cannot be logged on to when it is frozen.

If present in a UAGroup, this keyword’s value overrides the one in the UACONF file.

If this keyword is omitted, the value in the UACONF file is used.

Syntax:

FROZEN_OK {ON | OFF}

In the Example below, the members of the $SECURITY group will be allowed to logon

even if the IDs are Frozen.

Example: How to allow certain userids to logon even when frozen

UAGROUP FROZEN-OK-SECURITY

DESCRIPTION "Allow $Security to logon even when Frozen"

FROZEN_OK ON

!Selection Criteria:

FROM_USER 0,0

TO_USER $SECURITY